Weekly Intelligence Summaries
Our Weekly Intelligence Summaries cover insights, news and analysis into cybersecurity, threat intelligence, and geopolitical events.
Weekly Intelligence Snapshot – Week 26
QuoIntelligence is analyzing the use of the Follina vulnerability in the campaign targeting entities in Ukraine reported by CERT-UA, allegedly associated with the APT28 cluster.
Weekly Intelligence Snapshot – Week 25
QuoIntelligence is analyzing the use of the Follina vulnerability in the campaign targeting entities in Ukraine reported by CERT-UA, allegedly associated with the APT28 cluster.
Weekly Intelligence Snapshot – Week 24
We analyzed the encryption software samples used in HelloXD’s ransomware operation and provide an update on the latest legislation regarding US and EU cybersecurity controls.
Unexpected changes to the Global Threat Landscape from the Ukraine War
We analyze how the war in Ukraine has affected the global IT sector and other unexpected changes to the Global Threat Landscape.
Weekly Intelligence Snapshot – Week 23
This week we provide analysis of IndustrialSpy and their encryption software, which they recently leveraged in cyber operations.
Weekly Intelligence Snapshot – Week 22
QuoIntelligence reported on the Gamaredon group activity characterized by the use of SFX archives to deliver malware. In this weekly, we continue to cover developments of related activity, which enabled us to map the infrastructure used and establish a pattern of behavior.
Weekly Intelligence Snapshot – Week 21
QuoIntelligence reported on the Gamaredon group activity characterized by the use of SFX archives to deliver malware. In this weekly, we continue to cover developments of related activity, which enabled us to map the infrastructure used and establish a pattern of behavior.
Weekly Intelligence Snapshot – Week 20
In this weekly, we report on how a threat actor, possibly Russian, is targeting users in Germany by using information on the war in Ukraine as a lure. We also look at how international co-operation on cybersecurity is increasing as a result of the Ukraine conflict. Meanwhile, the increasing isolation of Russia through international sanctions could impact the global IT threat landscape, with emphasis on semiconductors and products using them.
Weekly Intelligence Snapshot – Week 19
In this weekly, we investigate the emerging threat of Node Package Manager (NPM) becoming an attack vector for supply chains and the rising trend of extortion groups targeting companies without using ransomware. In terms of the war in Ukraine, we have escalated our cyber threat level from MEDIUM to HIGH due to extremely targeted hacktivist activity against entities operating in NATO countries.
Weekly Intelligence Snapshot – Week 18
QuoIntelligence is tracking a campaign in which threat actors are using remote template injection to deliver an espionage implant targeting Russian entities. Researchers allege that the campaign in question is attributed to Chinese nation-state actors. We continue our coverage of the geopolitical and cyber aspects of the Ukraine war. Since organizations increased their monitoring of Russian APTs, other threat actors are likely to leverage the void and increase their activities, as we have observed with Chinese-sponsored threat actors over the last weeks.